package com.awanp3.nimbus.system.strategy.impl;

import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.stp.parameter.SaLoginParameter;
import com.awanp3.nimbus.common.core.constant.HeaderConstants;
import com.awanp3.nimbus.common.tenant.helper.TenantHelper;
import com.awanp3.nimbus.system.api.model.LoginUser;
import com.awanp3.nimbus.system.domain.vo.LoginVo;
import com.awanp3.nimbus.system.domain.vo.SysClientVo;
import com.awanp3.nimbus.system.domain.vo.SysUserVo;
import com.awanp3.nimbus.system.form.XcxLoginBody;
import com.awanp3.nimbus.system.service.ISysUserService;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.request.AuthRequest;
import me.zhyd.oauth.request.AuthWechatMiniProgramRequest;
import com.awanp3.nimbus.system.strategy.IAuthStrategy;
import com.awanp3.nimbus.system.strategy.SysLoginService;
import com.awanp3.nimbus.common.core.exception.ServiceException;
import com.awanp3.nimbus.common.core.utils.ValidatorUtils;
import com.awanp3.nimbus.common.json.utils.JsonUtils;
import com.awanp3.nimbus.common.satoken.utils.LoginHelper;
import org.springframework.stereotype.Service;

/**
 * 邮件认证策略
 *
 * @author nimbus
 */
@Slf4j
@Service("xcx" + IAuthStrategy.BASE_NAME)
@RequiredArgsConstructor
public class XcxAuthStrategy implements IAuthStrategy {

    private final SysLoginService loginService;

    private final ISysUserService sysUserService;

    @Override
    public LoginVo login(String body) {
        XcxLoginBody loginBody = JsonUtils.parseObject(body, XcxLoginBody.class);
        ValidatorUtils.validate(loginBody);
        // xcxCode 为 小程序调用 wx.login 授权后获取
        String xcxCode = loginBody.getXcxCode();
        // 多个小程序识别使用
        String appid = loginBody.getAppid();

        SysClientVo client = loginService.checkClient(loginBody.getClientId(), loginBody.getGrantType());

        if (TenantHelper.isEnable()){
            loginService.checkTenant(loginBody.getTenantId());
        }

        // 校验 appid + appsrcret + xcxCode 调用登录凭证校验接口 获取 session_key 与 openid
        AuthRequest authRequest = new AuthWechatMiniProgramRequest(AuthConfig.builder()
            .clientId(appid).clientSecret("自行填写密钥 可根据不同appid填入不同密钥")
            .ignoreCheckRedirectUri(true).ignoreCheckState(true).build());
        AuthCallback authCallback = new AuthCallback();
        authCallback.setCode(xcxCode);
        AuthResponse<AuthUser> resp = authRequest.login(authCallback);
        String openid, unionId;
        if (resp.ok()) {
            AuthToken token = resp.getData().getToken();
            openid = token.getOpenId();
            // 微信小程序只有关联到微信开放平台下之后才能获取到 unionId，因此unionId不一定能返回。
            unionId = token.getUnionId();
        } else {
            throw new ServiceException(resp.getMsg());
        }
        // todo getUserInfoByOpenid 方法内部查询逻辑需要自行根据业务实现
        SysUserVo sysUserVo = sysUserService.selectUserByOpenid(openid);
        LoginUser loginUser = loginService.buildLoginUser(sysUserVo);
        loginUser.setOpenid(openid);
        loginUser.setClientKey(client.getClientKey());
        loginUser.setDeviceType(client.getDeviceType());

        SaLoginParameter model = new SaLoginParameter();
        model.setDeviceType(client.getDeviceType());
        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置
        // 例如: 后台用户30分钟过期 app用户1天过期
        model.setTimeout(client.getTimeout());
        model.setActiveTimeout(client.getActiveTimeout());
        model.setExtra(HeaderConstants.CLIENT_KEY, client.getClientId());
        // 生成token
        LoginHelper.login(loginUser, model);

        LoginVo loginVo = new LoginVo();
        loginVo.setAccessToken(StpUtil.getTokenValue());
        loginVo.setExpireIn(StpUtil.getTokenTimeout());
        loginVo.setClientId(client.getClientId());
        loginVo.setOpenid(openid);
        return loginVo;
    }

}
